Description
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace.
References (9)
Core 9
Core References
Patch, Third Party Advisory mailing-list
x_refsource_mlist
https://marc.info/?l=linux-netdev&m=150348777122761&w=2
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2918
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2931
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/100466
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2017/q3/338
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7558
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1039221
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2017/dsa-3981
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2930
Scores
CVSS v3
5.1
EPSS
0.0077
EPSS Percentile
73.6%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-125
Status
published
Products (4)
debian/debian_linux
8.0
debian/debian_linux
9.0
linux/linux_kernel
4.7 rc1 (7 CPE variants)
linux/linux_kernel
4.7 - 4.13
Published
Jul 26, 2018
Tracked Since
Feb 18, 2026